Instructor Materials Chapter 8 Configuring Cisco Devices Networking

Instructor Materials Chapter 8 Configuring Cisco Devices Networking Essentials Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 1

Chapter 8: Configuring Cisco Devices Networking Essentials Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 8

Chapter 8 - Sections & Objectives § 8. 1 Cisco LAN Devices • Explain the basic features of Cisco LAN switches. § 8. 2 Internetworking Devices • Explain the features of a Cisco router. § 8. 3 Exploring the Cisco IOS • Explain how to use the Cisco IOS § 8. 4 Using Show Commands • Use common show commands to view device status. § 8. 5 Configuring a Cisco Network • Build a switch and router network. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 9

8. 1 Cisco LAN Devices Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 10

Cisco LAN Devices LAN Switches and Wireless Devices § A switch is used to connect devices on the same network. A router is used to connect multiple networks to each other. § When choosing a switch for a particular LAN, there a number of factors to consider: types and number of ports, the speed required, expandability and manageability. § Cisco Catalyst 2960 Series Ethernet switches are suitable for small and medium sized networks. They provide 10/100 Fast Ethernet and 10/1000 Gigabit Ethernet LAN connectivity. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 11

Cisco LAN Devices Connecting to the Switch § When the switch is on, the power-on self-test (POST) begins. During POST, the LEDs blink while a series of tests determine that the switch is functioning properly. POST is completed when the SYST LED rapidly blinks green. If the switch fails POST, the SYST LED turns amber. § Out-of-band management requires a computer to be directly connected to the console port of the network device that is being configured. Use in-band management to monitor and make configuration changes to a network device over a network connection. § A Cisco device loads the following two files into RAM when it is booted: • IOS Image file • Startup configuration file Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 12

8. 2 Internetworking Devices Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 13

Internetworking Devices Cisco Routers § All routers are essentially computers. Just like computers, routers require: operating systems (OS), central processing units (CPU), random-access memory (RAM), read-only memory (ROM), and nonvolatile random-access memory (NVRAM). § Every Cisco router has the same general hardware components, and these connections: console ports, 2 LAN interfaces, and enhanced high-speed WAN interface card (EHWIC) slots. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 14

Internetworking Devices Setting Up the Router § Follow these steps to power up a Cisco router: 1. Mount and ground the device chassis. 2. Seat the external compact flash card. 3. Connect the power cable. 4. Configure the terminal emulation software on the PC and connect the PC to the console port. 5. Turn on the router. 6. Observe the startup messages on the PC as the router boots up. § The two most common methods to access the command line interface are console and SSH. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 15

8. 3 Exploring the Cisco IOS Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 16

Exploring the Cisco IOS Navigate the IOS § The Cisco IOS command line interface (CLI) is a text-based program that enables entering and executing Cisco IOS commands to configure, monitor, and maintain Cisco devices. § To initially configure a Cisco device, a console connection must be established. § As a security feature, the Cisco IOS software separates management access into the following two command modes: user EXEC mode and privileged EXEC mode. § Global configuration mode is identified by a prompt that ends with (config)# after the device name, such as Switch(config)#. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 17

Exploring the Cisco IOS The Command Structure § The general syntax for a command is the command followed by any appropriate keywords and arguments: • Keyword - a specific parameter defined in the operating system (in the figure, ip protocols) • Argument - not predefined; a value or variable defined by the user (in the figure, 192. 168. 10. 5) § ping ip-address - The command is ping and the user-defined argument is the ip-address of the destination device. § traceroute ip-address - The command is traceroute and the user-defined argument is the ip-address of the destination device. § The Cisco IOS has both context sensitive help and command syntax check. § Commands and keywords can be shortened to the minimum number of characters that identify a unique selection. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 18

8. 4 Using Show Commands Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 19

Using Show Commands Viewing Device Information § To verify and troubleshoot network operation, examine the operation of the devices using the show command: • • • show running-config show interfaces show arp show ip route show protocols show version § If you are logged into a router or switch remotely, the show version command is an excellent means of quickly finding useful summary information about the particular device to which you are connected. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 20

8. 5 Configuring a Cisco Network Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 21

Configuring a Cisco Network Basic Switch Configuration 1. Configure the device name. 2. Secure the user EXEC mode. 3. Secure remote Telnet/SSH access. 4. Secure privileged EXEC mode. 5. Secure all passwords in the config file. 6. Provide legal notification. 7. Configure the management SVI. 8. Save the configuration. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 22

Configuring a Cisco Network Basic Router Configuration 1. Configure the device name. 2. Secure the user EXEC mode. 3. Secure remote Telnet/SSH access. 4. Secure privileged EXEC mode. 5. Secure all passwords in the config file. 6. Provide legal notification. 7. Save the configuration. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 23

Configuring a Cisco Network Basic Router Configuration (Cont. ) § Configure the interface: • interface type-and-number • description-text • ip address ipv 4 -address subnet-mask • no shutdown § One of the most useful commands for verifying interface configuration is the show ip interface brief command. The output displays all interfaces, their IPv 4 address, and their current status. The configured and connected interfaces should display a Status of “up” and Protocol of “up”. § Other interface verification commands include: • show ip route - Displays the contents of the IPv 4 routing table stored in RAM. • show interfaces - Displays statistics for all interfaces on the device. • show ip interface - Displays the IPv 4 statistics for all interfaces on a router. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 24

Configuring a Cisco Network Securing the Devices § As good practice, use different authentication passwords for each of these levels of access. § Setting a password for console connection access is done in global configuration mode. These commands prevent unauthorized users from accessing user mode from the console port. • Switch(config)# line console 0 • Switch(config)# password [password] • Switch(config)# login Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 25

Configuring a Cisco Network Securing the Devices (Cont. ) 1. 2. 3. 4. 5. 6. Verify SSH support. Configure the IP domain. Generate RSA key pairs. Configure user authentication. Configure the vty lines. Enable SSH version 2. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 26

Configuring a Cisco Network Securing the Devices (Cont. ) § To display the version and configuration data for SSH on the device that you configured as an SSH server, use the show ip ssh command. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 27

Configuring a Cisco Network Connecting the Switch to the Router § The default gateway address is generally the router interface address attached to the local network of the host. The IP address of the host device and the router interface address must be in the same network. § To configure a default gateway on a switch, use the ip default-gateway global configuration command. The IP address configured is that of the router interface of the connected switch. Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 28

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 29

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 30